Need recommendation for firewall

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

webuser1200

Member
Oct 6, 2013
96
11
8
I'm in the process of getting a primary and backup datacenter for one server each and have an office with 10-20 servers. I currently use untangle, but I am thinking of moving to a dedicated firewall with the move to the DC.

These servers will be run pretty locked down. I need the firewall to do the following:

1. Support OpenVPN, be easy to add new users and restrict users to just one or more servers.
2. Be able to forward ports and have whitelisted IP addresses
3. Be rack mountable for the DC
4. We are not very network speed-sensitive and don't have a lot of bandwidth going in and out.

What's a good option around 500-600$ range. How much would I have to pay for a service contract? Is that needed for my requirements above?
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
How about a Supermicro E200-9A barebone and something like pfSense?
With the MCP-290-10110-0B you can rackmount it.

With regards to service contract, I would say that depends on how important the firewall and the servers are for you.
I would imagine that it may be cheaper to just buy a 2nd firewall box (ideally in a CARP high availability configuration).

If you do want a service contract for something with pfsense, it would probably be better to buy a Netgate appliance (or 2) and get a service contract which starts at 400 $/mth, like a XG-7100 or something (though it is quite a lot more expensive).
 

webuser1200

Member
Oct 6, 2013
96
11
8
Thanks. How is the pfSesnse going to be different then untangle that I already have?
400$ a month? Wow, that's expensive. What do you get in the service contract? Just firmware updates?

There was a deal posted on Juniper SRX 300 but they don't have a rack mount (it has to be bought seperatly) and has a power adapter. What about something from cisco.
 

RTM

Well-Known Member
Jan 26, 2014
956
359
63
Thanks. How is the pfSesnse going to be different then untangle that I already have?
400$ a month? Wow, that's expensive. What do you get in the service contract? Just firmware updates?

There was a deal posted on Juniper SRX 300 but they don't have a rack mount (it has to be bought seperatly) and has a power adapter. What about something from cisco.
Well... personally I would consider pfSense the slightly better solution, but honestly I have nothing to base that on :oops:

Yeah, I agree about the support contract, which is why I don't have one.
You don't need a support contract to use pfSense or to get access to updates.

The best part about buying generic hardware, is that you can always find some other piece of software to use if you don't like pfSense, in this case alternatives could be vyos, Untangle, TNSR, Sophos XG and so on.

Also I was wrong about the price on the support contract, I guess that was if you were to buy a Netgate appliance, the right prices are on their website: Netgate Global Support